Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py
- branch
- eric7
- changeset 11137
- a90284948331
- parent 11136
- 437db2f032fd
- child 11147
- dee6e106b4d3
equal
deleted
inserted
replaced
| 11136:437db2f032fd | 11137:a90284948331 |
|---|---|
| 37 "pandas.read_pickle", | 37 "pandas.read_pickle", |
| 38 ], | 38 ], |
| 39 "M", | 39 "M", |
| 40 ), | 40 ), |
| 41 "S302": (["marshal.load", "marshal.loads"], "M"), | 41 "S302": (["marshal.load", "marshal.loads"], "M"), |
| 42 "S303": ( | |
| 43 [ | |
| 44 "Crypto.Hash.MD2.new", | |
| 45 "Crypto.Hash.MD4.new", | |
| 46 "Crypto.Hash.MD5.new", | |
| 47 "Crypto.Hash.SHA.new", | |
| 48 "Cryptodome.Hash.MD2.new", | |
| 49 "Cryptodome.Hash.MD4.new", | |
| 50 "Cryptodome.Hash.MD5.new", | |
| 51 "Cryptodome.Hash.SHA.new", | |
| 52 "cryptography.hazmat.primitives.hashes.MD5", | |
| 53 "cryptography.hazmat.primitives.hashes.SHA1", | |
| 54 ], | |
| 55 "M", | |
| 56 ), | |
| 57 "S304": ( | |
| 58 [ | |
| 59 "Crypto.Cipher.ARC2.new", | |
| 60 "Crypto.Cipher.ARC4.new", | |
| 61 "Crypto.Cipher.Blowfish.new", | |
| 62 "Crypto.Cipher.DES.new", | |
| 63 "Crypto.Cipher.XOR.new", | |
| 64 "Cryptodome.Cipher.ARC2.new", | |
| 65 "Cryptodome.Cipher.ARC4.new", | |
| 66 "Cryptodome.Cipher.Blowfish.new", | |
| 67 "Cryptodome.Cipher.DES.new", | |
| 68 "Cryptodome.Cipher.XOR.new", | |
| 69 "cryptography.hazmat.primitives.ciphers.algorithms.ARC4", | |
| 70 "cryptography.hazmat.primitives.ciphers.algorithms.Blowfish", | |
| 71 "cryptography.hazmat.primitives.ciphers.algorithms.CAST5", | |
| 72 "cryptography.hazmat.primitives.ciphers.algorithms.IDEA", | |
| 73 "cryptography.hazmat.primitives.ciphers.algorithms.SEED", | |
| 74 "cryptography.hazmat.primitives.ciphers.algorithms.TripleDES", | |
| 75 ], | |
| 76 "H", | |
| 77 ), | |
| 78 "S305": (["cryptography.hazmat.primitives.ciphers.modes.ECB"], "M"), | |
| 79 "S306": (["tempfile.mktemp"], "M"), | |
| 80 "S307": (["eval"], "M"), | |
| 81 "S308": (["django.utils.safestring.mark_safe"], "M"), | |
| 82 "S310": ( | |
| 83 [ | |
| 84 "urllib.request.urlopen", | |
| 85 "urllib.request.urlretrieve", | |
| 86 "urllib.request.URLopener", | |
| 87 "urllib.request.FancyURLopener", | |
| 88 "six.moves.urllib.request.urlopen", | |
| 89 "six.moves.urllib.request.urlretrieve", | |
| 90 "six.moves.urllib.request.URLopener", | |
| 91 "six.moves.urllib.request.FancyURLopener", | |
| 92 ], | |
| 93 "", | |
| 94 ), | |
| 95 "S311": ( | |
| 96 [ | |
| 97 "random.Random", | |
| 98 "random.random", | |
| 99 "random.randrange", | |
| 100 "random.randint", | |
| 101 "random.choice", | |
| 102 "random.choices", | |
| 103 "random.uniform", | |
| 104 "random.triangular", | |
| 105 "random.randbytes", | |
| 106 ], | |
| 107 "L", | |
| 108 ), | |
| 109 "S312": (["telnetlib.Telnet"], "H"), | |
| 110 "S313": ( | |
| 111 [ | |
| 112 "xml.etree.cElementTree.parse", | |
| 113 "xml.etree.cElementTree.iterparse", | |
| 114 "xml.etree.cElementTree.fromstring", | |
| 115 "xml.etree.cElementTree.XMLParser", | |
| 116 ], | |
| 117 "M", | |
| 118 ), | |
| 119 "S314": ( | |
| 120 [ | |
| 121 "xml.etree.ElementTree.parse", | |
| 122 "xml.etree.ElementTree.iterparse", | |
| 123 "xml.etree.ElementTree.fromstring", | |
| 124 "xml.etree.ElementTree.XMLParser", | |
| 125 ], | |
| 126 "M", | |
| 127 ), | |
| 128 "S315": (["xml.sax.expatreader.create_parser"], "M"), | |
| 129 "S316": ( | |
| 130 ["xml.dom.expatbuilder.parse", "xml.dom.expatbuilder.parseString"], | |
| 131 "M", | |
| 132 ), | |
| 133 "S317": (["xml.sax.parse", "xml.sax.parseString", "xml.sax.make_parser"], "M"), | |
| 134 "S318": (["xml.dom.minidom.parse", "xml.dom.minidom.parseString"], "M"), | |
| 135 "S319": (["xml.dom.pulldom.parse", "xml.dom.pulldom.parseString"], "M"), | |
| 136 "S321": (["ftplib.FTP"], "H"), | |
| 137 "S323": (["ssl._create_unverified_context"], "M"), | |
| 42 } | 138 } |
| 43 _prohibitedCalls["S303"] = ( | |
| 44 [ | |
| 45 "Crypto.Hash.MD2.new", | |
| 46 "Crypto.Hash.MD4.new", | |
| 47 "Crypto.Hash.MD5.new", | |
| 48 "Crypto.Hash.SHA.new", | |
| 49 "Cryptodome.Hash.MD2.new", | |
| 50 "Cryptodome.Hash.MD4.new", | |
| 51 "Cryptodome.Hash.MD5.new", | |
| 52 "Cryptodome.Hash.SHA.new", | |
| 53 "cryptography.hazmat.primitives.hashes.MD5", | |
| 54 "cryptography.hazmat.primitives.hashes.SHA1", | |
| 55 ], | |
| 56 "M", | |
| 57 ) | |
| 58 | |
| 59 _prohibitedCalls.update( | |
| 60 { | |
| 61 "S304": ( | |
| 62 [ | |
| 63 "Crypto.Cipher.ARC2.new", | |
| 64 "Crypto.Cipher.ARC4.new", | |
| 65 "Crypto.Cipher.Blowfish.new", | |
| 66 "Crypto.Cipher.DES.new", | |
| 67 "Crypto.Cipher.XOR.new", | |
| 68 "Cryptodome.Cipher.ARC2.new", | |
| 69 "Cryptodome.Cipher.ARC4.new", | |
| 70 "Cryptodome.Cipher.Blowfish.new", | |
| 71 "Cryptodome.Cipher.DES.new", | |
| 72 "Cryptodome.Cipher.XOR.new", | |
| 73 "cryptography.hazmat.primitives.ciphers.algorithms.ARC4", | |
| 74 "cryptography.hazmat.primitives.ciphers.algorithms.Blowfish", | |
| 75 "cryptography.hazmat.primitives.ciphers.algorithms.CAST5", | |
| 76 "cryptography.hazmat.primitives.ciphers.algorithms.IDEA", | |
| 77 "cryptography.hazmat.primitives.ciphers.algorithms.SEED", | |
| 78 "cryptography.hazmat.primitives.ciphers.algorithms.TripleDES", | |
| 79 ], | |
| 80 "H", | |
| 81 ), | |
| 82 "S305": (["cryptography.hazmat.primitives.ciphers.modes.ECB"], "M"), | |
| 83 "S306": (["tempfile.mktemp"], "M"), | |
| 84 "S307": (["eval"], "M"), | |
| 85 "S308": (["django.utils.safestring.mark_safe"], "M"), | |
| 86 "S310": ( | |
| 87 [ | |
| 88 "urllib.request.urlopen", | |
| 89 "urllib.request.urlretrieve", | |
| 90 "urllib.request.URLopener", | |
| 91 "urllib.request.FancyURLopener", | |
| 92 "six.moves.urllib.request.urlopen", | |
| 93 "six.moves.urllib.request.urlretrieve", | |
| 94 "six.moves.urllib.request.URLopener", | |
| 95 "six.moves.urllib.request.FancyURLopener", | |
| 96 ], | |
| 97 "", | |
| 98 ), | |
| 99 "S311": ( | |
| 100 [ | |
| 101 "random.Random", | |
| 102 "random.random", | |
| 103 "random.randrange", | |
| 104 "random.randint", | |
| 105 "random.choice", | |
| 106 "random.choices", | |
| 107 "random.uniform", | |
| 108 "random.triangular", | |
| 109 "random.randbytes", | |
| 110 ], | |
| 111 "L", | |
| 112 ), | |
| 113 "S312": (["telnetlib.Telnet"], "H"), | |
| 114 "S313": ( | |
| 115 [ | |
| 116 "xml.etree.cElementTree.parse", | |
| 117 "xml.etree.cElementTree.iterparse", | |
| 118 "xml.etree.cElementTree.fromstring", | |
| 119 "xml.etree.cElementTree.XMLParser", | |
| 120 ], | |
| 121 "M", | |
| 122 ), | |
| 123 "S314": ( | |
| 124 [ | |
| 125 "xml.etree.ElementTree.parse", | |
| 126 "xml.etree.ElementTree.iterparse", | |
| 127 "xml.etree.ElementTree.fromstring", | |
| 128 "xml.etree.ElementTree.XMLParser", | |
| 129 ], | |
| 130 "M", | |
| 131 ), | |
| 132 "S315": (["xml.sax.expatreader.create_parser"], "M"), | |
| 133 "S316": ( | |
| 134 ["xml.dom.expatbuilder.parse", "xml.dom.expatbuilder.parseString"], | |
| 135 "M", | |
| 136 ), | |
| 137 "S317": (["xml.sax.parse", "xml.sax.parseString", "xml.sax.make_parser"], "M"), | |
| 138 "S318": (["xml.dom.minidom.parse", "xml.dom.minidom.parseString"], "M"), | |
| 139 "S319": (["xml.dom.pulldom.parse", "xml.dom.pulldom.parseString"], "M"), | |
| 140 "S321": (["ftplib.FTP"], "H"), | |
| 141 "S323": (["ssl._create_unverified_context"], "M"), | |
| 142 } | |
| 143 ) | |
| 144 | 139 |
| 145 | 140 |
| 146 def getChecks(): | 141 def getChecks(): |
| 147 """ | 142 """ |
| 148 Public method to get a dictionary with checks handled by this module. | 143 Public method to get a dictionary with checks handled by this module. |
